Frontier curious

Got this email today and am curious,started with Frontier 4 or 5 months ago and I use Thunderbird with same antivirus and firewalls I have always used. Is there a problem, I hate scare emails/warnings etc.

Frontier is committed to protecting your personal data online. As part of that commitment, we strongly recommend that you upgrade your email security settings to protect your privacy and confidentiality. There’s no cost, and it is a quick change in your email application settings that will encrypt your emails for an increased layer of security. If you choose not to make this change, your email could be intercepted and read by a third party.

This only impacts users of email applications such as Microsoft Outlook, Mac Mail, Thunderbird or Windows Live Mail. If you use our Webmail service (on your internet browser) you do not need to make any changes.

Instructions on how to make this change can be found by clicking on the link below and choosing your applicable email application. You can find additional ‘frequently asked questions’ at the bottom of the email.

Many email providers are changing to secure communications only. If you are concerned about the validity of the email go to the Frontier web site manually (i.e. type in the web site name don't click the link).

Emails of this nature which come from your ISP are legitimate; the bogus ones are the ones which come from people you don't know

Many of the malware emails spoof the ISP's address in the from box. Many times you can tell an link is fake by hovering the mouse over the link and look at the bottom of the page where the real URL is displayed. It's always safest to type the URL manually as Joe suggested and never click on links within an Email.

Many of the malware emails spoof the ISP's address in the from box. Many times you can tell an link is fake by hovering the mouse over the link and look at the bottom of the page where the real URL is displayed. It's always safest to type the URL manually as Joe suggested and never click on links within an Email.

Jerry

Good point.

Also, when YOU initiate the contact (such as manually typing the URL, or looking up their phone number and then calling them), you can know that you are getting to the right place.

"Frontier is committed to protecting your personal data online. As part of that commitment, we strongly recommend that you upgrade your email security settings to protect your privacy and confidentiality. "
SSL only protects your data while in transit from you to Frontier by encrypting the data stream. It does not encrypt or protect your email while passing through the many servers it may pass through before reaching its destination. It doesn't protect it from prying eyes sitting on the recipient's mail server. SSL protects the data while travelling between you and Frontier. If you want the content of an email protected encrypt an attached document and give the key to the recipient separately.

The message is similar to when Yahoo Mail FINALLY got with the program and started using a secure (padlock in the URL) SSL connection. Actually, this connection is far more secure than ordinary SSL, and it uses different security protocols, but the take-away message is that Frontier is forcing users to use secure connections, not forcing pre-encryption of emails.

Pre-encryption means that the messages themselves are encrypted and can only be viewed if the recipient has a Public Key. Encrypted email refers to a secure channel through which messages which themselves are not pre-encrypted, can be transmitted with minimal risk of being intercepted and read between their origin and their destination.

Having read further, I am not sure I have used the term SSL correctly here. Read my later post in response to BruceR, and follow the link the How Stuff Works for a much better treatment of web site security.

I have seen the same announcement from Frontier. I think that it is a sheep in wolfs clothing!

There's been a couple of times over the years when I've noticed that adverts would pop up after I discussed some item. I tested this by sending an email with just 5 words in it and I began getting ads on ALL 5! I complained to Frontier and for a while the ads stopped. But certainly Frontier was scanning email and web surfing.

I later began seeing ads again, probably years later. I switched to Thunderbird and I saw a decrease in ads.

Then I got from Frontier a new Terms of Service and it was very open about what they scan. I haven't gone back to web based email to see what's happening there. And the latest notice from Frontier heightens the alarm.

I'm paying for Frontier as an ISP and they shouldn't be bugging the hand that feeds them!

How do we stop them!!

Does anyone know how to get an email service that Frontier can NOT scan? It would perhaps be a service where incoming mail would go to an intermediate and the whole email including pictures, addresses etc would be encrypted and then sent to my ISP and when in Thunderbird I opened the email it would be un-encrypted??!!

The reverse would happen on outgoing in that Thunderbird would encrypt the whole thing, send the mail to an intermediate, un-encrypt and send to the recipient(s).

Does anyone know how to get an email service that Frontier can NOT scan? It would perhaps be a service where incoming mail would go to an intermediate and the whole email including pictures, addresses etc would be encrypted and then sent to my ISP and when in Thunderbird I opened the email it would be un-encrypted??!!

The reverse would happen on outgoing in that Thunderbird would encrypt the whole thing, send the mail to an intermediate, un-encrypt and send to the recipient(s).

If Frontier is your ISP, and if you use the email service that they provide, then I'm not sure how you can avoid them scanning it.

If you go with a non-Frontier email service, then I am quite sure that you will have stopped Frontier from scanning your email.

If you are concerned about someone scanning your email, then get your own domain and go with a reputable, paid email service, that is, one which makes its money from your subscription fees. If you go with a free email service, then they will in all likelihood scan your email and make money by selling the information. Also from advertisements which you see.

None of this stuff is free; you either pay with your money or your information. (or both)

What is this extraordinary SSL connection you're describing which is far more secure and what different security protocols does it use?

Bruce

What I said about SSL being not the only security in a HTTPS session may not have been entirely accurate.

HTTPS and SSL are only two of the security measures used in secure web site connections. Web sites can use additional means to protect secure logins and other interactions. TLS is an updated version of SSL, and this is the better security I was originally referring to. But as the GNU-TLS Bug illustrates, even TLS is not perfect.

Web site security usually has several components, each one of which can be made more or less secure. In the Linux case, the affected component (GNU-TLS) was patched, making the overall security setup more secure.

With the Linux GNU-TLS Bug, the issue with TLS not being secure is mitigated by the fact that GNU-TLS does not stand alone in most secure web connections. One important measure taken was to issue a security update for GNU-TLS.

OpenSSL is used much more commonly than GNU-TLS, so most secure web connections were not affected by this bug. The hype surrounding this bug does illustrate how many tech writers don't understand the different web security protocols any beter than I eveidently do. Hence some of my own confusion. More on the Linux bug here.

I probably did not fully understand what these [protocols are all about when I posted above, and I confess I still am a bit unclear on thie subject.

This article gives a lot more information on the entire subject of web security than I can include in a post, so anyone seeking the whole story probably will do a lot better reading this than reading my attempts to reduce the subject to short forum posts.

This article gives a further disctinction of SSL and TLS, and the various security aspects of each.